is there any kind of Encryption and Decryption functions that are in c# and Oracle PL/SQL?
I mean I can encrypt a string in one and decrypt it in the other?
any help, I'm not good in security algorithm!
cheers
In Oracle, you can use the dbms_obfuscation_toolkit. If you want to encrypt and decrypt, you might try DES encryption. For Oracle, its dbms_obfuscation_toolkit.DESEncrypt, and for C# its DESCryptoServiceProvider (in System.Security.Cryptography). You'll also need to use the same key of course if encrypting/decrypting between the two.
Also, DBMS_CRYPTO is intended to replace DBMS_OBFUSCATION_TOOLKIT I believe, and should have various encryption algorithms for Oracle.
Related
I have a C# application in which I sometimes have to encrypt some data (XML file). Basically, the problem is I cannot store any keys on a server, or directly in the code, as .NET apps can be easily disassembled with for example dotPeek.
So basically my app would encrypt XML file and save it on disk, and then would be able to decrypt it.
I came up with an idea to ask for a passphrase every time a user wants to encrypt/decrypt the data. This passphrase would be hashed with SHA512 and the resulting bytes would be used as a key to encrypt the data. Then if the user wants to decrypt the file, they are asked for a passphrase again and this passphrase is used to decrypt the file (it may fail if the user enters a wrong passphrase).
So my first question would be: Is it actually a good idea?
My second question is about the implementation. I have hashing, serialization, deserialization, but I don't know which encryption algorithm should I use (I guess not RSA as the data to be encrypted would be really long) and then can I pass the passphrase as a key to this algorithm?
You've stumbled upon the idea of a Key Derivation Function (KDF). What you're suggesting is, with a few differences, an excellent idea and one used often. The small-ish issue is that SHA-512 alone is not a good KDF. I recommend you read about PBKDF2 (in .NET, the implementation is called Rfc2898DeriveBytes). Password hashes like bcrypt and argon2 are also very viable choices.
In regards to your question regarding the encryption algorithm, AES is currently considered the "standard" symmetric encryption algorithm. There are many other viable options however. Just ensure you aren't using DES or Triple-DES, they're dated algorithms. Also ensure you're using a secure block mode. GCM is arguably the "best".
I am having a dilemma in choosing which encryption to use.
I have to store passwords in a database. I would like to encrypt the passwords. I am using C# and am looking for reasons between AES and RijndaelManaged.
I have looked for a succinct answer but I can find none which clearly states which is better today.
If one can provide a link, I would appreciate it.
If possible, you should use salted passwords with a one-way hash.
Hash and salt passwords in C#
In looking at this article The Differences Between Rijndael and AES, the differences mentioned are negligible considering you want to only encrypt passwords (assumingly of small length < 30 characters).
Also see Is the RijndaelManaged Class in C# equivalent to AES encryption?
I'm trying to find an AES encryption method that will allow me to encrypt a string in PHP and use the encrypted string to be decrypted in C#
Can anyone help me out here. I've looked at nearly all the examples on the net and can't find a matching one that will let me do what I want.
Thanks
The problem with PHP is that mcrypt only supports null padding. C# does not support null padding for good reason, it goes haywire if you're encrypting binary information. If you switch to OpenSSL for your encryption on PHP you will get better padding options. Once you have switched you simply need to ensure the block size, mode and padding options are the same on both sides.
I would recommend phpseclib, a pure PHP AES implementation. It's interoperable with OpenSSL as demonstrated thusly:
AES Encrypt in PHP to decrypt in openssl
I've found a few answers to Encrypt in PHP, and Decrypt in C#, but as yet have been unable to reverse the process...
The background is I want to:
In C#:
AES encrypt a file's contents.
Upload the data (likely via http via POST) to a server.
In PHP:
Receive and save the file.
And in PHP (at a later date):
Decrypt the file.
I specifically want to encrypt it outside of using SSL/TLS (though I might have to do this as well), as I need to know the file remains encrypted (and decryptable!) when stored on the server.
To encrypt in C# I'm using:
Rijndael RijndaelAlg = Rijndael.Create();
RijndaelAlg.KeySize = 128;
RijndaelAlg.Mode = CipherMode.CBC;
CryptoStream cStream = new CryptoStream(fStream, RijndaelAlg.CreateEncryptor(Key, IV),
CryptoStreamMode.Read);
and to decrypt in PHP:
mcrypt_cbc(MCRYPT_RIJNDAEL_128, $key, $buffer, MCRYPT_DECRYPT, $iv);
Generally it only depends on selecting the right options on both sides:
Plaintext character format
how plaintext characters are encoded in the bit string
Padding
how to pad the plaintext to be an exact multiple of the block size
Key length
must be agreed if there is a choice
Key derivation
how to create the bit string to be used for the key
Mode
which mode of encryption to use
Storage format
how we store the ciphertext
Please see here for a lot of information about these things. Especially the padding seems to be the root of most interoperability problems as PHP's mcrypt uses a NULL-padding by default and has no built-in support for any other padding mode, while e.g. .NET doesn't even provide an option to use a NULL-padding (as it may cause issues when encrypting binary data).
I know this was asked a while ago but I thought I'd post my solution for others. I wrote up a quick code example in PHP and C# that lets you encrypt/decrypt both ways. I had a few issues with getting the settings on both sides to work out. A difference in padding would let it decrypt one way but not the other
https://github.com/dchymko/.NET--PHP-encryption
hope that helps some people.
Are you using the same mode with both? I.e. are you using CBC with both (and not ECB). If you don't understand what I just said then drop a comment and I'll explain in detail, as it has fairly major security repercussions.
I had a similar problem a few months ago - I had a project that had to use AES encryption and I had to make sure that the exact same algorithm is used between a C# and A C++ component. I ended up implementing a shared DLL library used by both based on the AES crypto wrapper from this codeplex article:
http://www.codeproject.com/KB/security/WinAESwithHMAC.aspx
I am needing to encrypt using Perl and decrypt on .Net (C#). i.e. Perl encrypts a file and my .Net code decrypts the file (and even maybe validates integrity).
The problem is that I am not familiar with the encryption capabilities of Perl. Can anyone offer guidance on how best to approach this and what the possibilities are?
Thanks in advance!
DC
As Lars said, AES is probably the best choice these days. For a Perl implementation, see Crypt::Rijndael
Use AES encryption with a common secret key.
Perl
C#